One of the questions I have is how normally are management SVIs traffic marked for QoS? We have a management VLAN for our Layer2, but since I can't apply a policy-map to an SVI how does traffic generated by the switch (i.e. return traffic for management from my workstation, or the switch talking to our NMS) get marked appropriately for QoS? If I look at the current traffic it's just set to DSCP 0 which would put it in with our class default/guest/I like you least traffic. That means if the trunk link ever got congested it'd be one of the first out the window and into the bit bucket.
Is there a best practice out there I've missed somewhere? I've seen some 'mls qos vlan-based' stuff on interfaces but that doesn't sound like the right solution to me. Anyone have any thoughts?
Background:
I'm working on an enterprise wide QoS deployment.
Basically, the trust boundary is going to be at the access edge. I don't manage or own any of the telecom infrastructure, so I'm not even trusting phones.
I'm configuring the basic MQC from what I've learned/know.
1. Created ACLs to match traffic (source/destination/port/packet size/etc.)
2. Create Class maps to match those ACLs
3. Create Policy-map to set the dscp value
4. Apply service policy to inbound access edge ports and priority queue out on all interfaces
At the layer 2 trunks to the core I'm mapping dscp values to outbound queues (eueueeueueues) and sharing all non-priority queueeuueeueues :)
For layer 3 I'm matching incoming dscps and configuring a policy map for bandwidth percent remaining, fair-queue the class-default
